Threats are on the Rise: Are You Next?

Government entities are losing the battle against online attacks. Cyber attacks continue to rise each year even though government agencies have established endpoint security policies. Recent surveys from the Government Accountability Office indicate that federal agencies registered approximately 48,000 information security incidents in fiscal 2012, compared to about 43,000 the previous year.1

The security challenge for government agencies is twofold: Threats can come externally or from within. Data leakage and network instability can have disastrous consequences, regardless of their origin. Therefore, security must be implemented to block entry of unauthorized users and prohibit the exit of confidential data, among other things. Many threats are due to user laxity, negligence or worse. Users may unknowingly open doors to external threats by using unauthorized or unpatched software that allows hackers entry onto the system. Employees may routinely transfer sensitive data onto removable devices (such as USB flash drives) and leave the building, only to discover later that the device has been lost or stolen. If the data has not been encrypted, the consequences are more serious.

Ensuring Compliance

Meeting and demonstrating compliance is the start to a more secure agency. Theft or loss of confidential information has sparked numerous legislative requirements and standards-based protocols from NIST. These security controls and data protection requirements impact both civilian-facing (at the national, state and local levels) agencies and departments concerned with national security.

Lumension has developed solutions in lockstep with these requirements and standards, helping governmental agencies ensure compliance. Specifically, the Lumension® Endpoint Management and Security Suite (L.E.M.S.S.) has been validated by NIST as conforming to the Security Content Automation Protocol (SCAP) and its component standards. The encryption components are FIPS 140-2 level 2 certified to ensure the security of information. Lumension solutions also help agencies reach compliance by patching vulnerabilities and scanning network devices for exploitable weaknesses. L.E.M.S.S. provides a defense-in-depth approach to IT security, protecting against wide variety of threat vectors, including advanced persistent threats (APTs).

Civilian-Facing Agencies: Complying with Endpoint Security Mandates and Protocols

The following mandates and protocols address the security needs of agencies that work with the public to provide various types of services. [Click on the links for further discussion on how Lumension solutions address each of these areas.]

These federal mandates and protocols are also useful at the state and municipal level in helping define current best practices. Lumension solutions are used by many state and local government agencies to help secure their endpoints.

National Security Solutions: Complying with Endpoint Security Mandates and Protocols

In addition to the above, departments and agencies which focus on national security have specific mandates to protect classified information.


How Lumension Helps Government Departments and Agencies

Lumension's security management software protects against internal risks and external threats targeting government organizations by providing comprehensive vulnerability management, endpoint security, and data protection solutions. Some common challenges to federal, state and municipal agencies are described below along with a brief description of the solution. For more detailed information you can click on the product link within the solution description.

In addition, L.E.M.S.S. reports and data can be converted to the standard Cyberscope format for complete compliance and enhanced reporting.

Common Agency Challenges Lumension Solution
Meeting strict requirements posed by the National Information Assurance Partnership (NIAP) Common Criteria Evaluation and Validation Scheme for IT Security (CCEVS). Lumension® Endpoint Management and Security Suite (L.E.M.S.S.) modules are all certified to maintain audit readiness and will increase your security posture.
Safeguarding the confidentiality, integrity and availability of sensitive data, ensuring secure configurations, and protecting against insider risk and advanced persistent threat (APT).

Lumension® Endpoint Management and Security Suite (L.E.M.S.S.) modules provide a defense-in-depth approach to endpoints security, including:

  • Lumension® Vulnerability Management identifies non-compliant security configurations through comprehensive network and agent-based scanning capabilities, removes the risk of sensitive data from being improperly disclosed and minimizes the vulnerability window of exposure through rapid remediation.
  • Lumension® Data Protection controls and monitors the flow of inbound and outbound data via removable devices / media and protects data using FIPS 140-2 Level 2 validated encryption.
  • Lumension® Endpoint Protection identifies your organizational security holes in the protection of information through comprehensive auditing of user behavior and endpoint configurations.
Preventing malware execution originating at an endpoint.

Lumension® Endpoint Management and Security Suite (L.E.M.S.S.) modules that specifically stop unauthorized application execution include:

Improving IT system performance. Lumension® Endpoint Management and Security Suite (L.E.M.S.S.) provides all the key capabilities that improve IT system performance through standardizing endpoint configurations, patching vulnerabilities and by whitelisting applications and removable devices to ensure that only those authorized can execute on your network.
Reducing endpoint security and management TCO.

Lumension® Endpoint Management and Security Suite (L.E.M.S.S.)  reduces endpoint security and management TCO via single server, single console, single agent approach to defense-in-depth at the endpoint, thereby:

  • Reducing training needs.
  • Reducing system resource utilization.
  • Improving end user productivity by reducing the need to troubleshoot, repair and/or reimage endpoints.
Improving end user productivity.

Lumension® Endpoint Management and Security Suite (L.E.M.S.S.) provides:

  • Improved end user productivity by reducing downtime and non-productive system resource utilization.
  • Improved asset utilization by blocking unwanted, unapproved or malicious applications and enforcing policies to ensure endpoints run as expected.
  • Reduced admin overhead by eliminating training on multiple console / tools, improving visibility via aggregated reporting, and providing a "single pane of glass" to manage endpoints.
Enforcing software license compliance within the agency. Lumension® Endpoint Management and Security Suite (L.E.M.S.S.) ensures only authorized software applications are running on government endpoints.

The following Government-wide Acquisition Contracts (GWAC) are supported to assist agencies in the purchasing process:

  • GSA Schedule 70
  • NASA
  • SEWP IV
  • SDVOSB (Service Disabled Veteran Owned Small Business)
  • HUBZone Certified contractors

1 Agencies Show Little Progress In 2012 Combating Cyber Incidents, by Wyatt Kash, Aol Government (4 December 2012)